Re: How to prevent SSLv3/Poodle attack?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2014-10-15 18:03, lst_hoe02@xxxxxxxxx wrote:
> Unfortunately it looks like Cyrus can not disable SSLv3 protocol without
> disabling ciphers also used in TLSv1.x, no?

You can't disable it manually until Kristian's patch is merged, but with
Ubuntu's default cipher list I'm unable to establish an SSLv3 session
(while TLS v1.0 works). Mayhaps SSLv3 support was already broken before
and nobody noticed?

-- 
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwedas@xxxxxx | +43 (0)680 301 7167
http://software.tao.at

Attachment: signature.asc
Description: OpenPGP digital signature

----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux